HP Firewall User Manual

HP A-IMC Firewall Manager

Configuration Guide

Part number: 5998-2267

Document version : 6 P W 101-20110805

Legal and notice information

No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P.

The information contained herein is subject to change without notice.

HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.

The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

Overview ······································································································································································ 1

Introduction to HP A-IMC Firewall Manager··················································································································1 What HP A-IMC Firewall Manager can do ···················································································································1

Installation and uninstallation······································································································································ 2

Installing the firewall manager ········································································································································2 Registering the firewall manager·····································································································································2 Uninstalling the firewall manager ···································································································································3

System management···················································································································································· 4

Device management ·························································································································································4

Managing devices····················································································································································4 Managing batch import········································································································································ 18 Managing device groups ····································································································································· 18 Managing events··················································································································································· 20 Managing device access templates ···················································································································· 22 Managing the device software database··········································································································· 24 Managing deployment tasks ································································································································ 26

Operator management·················································································································································· 27

Managing operators············································································································································· 27 Managing operation logs····································································································································· 29 Changing your login password ··························································································································· 30

System configuration······················································································································································ 31

Configuring system parameter····························································································································· 31 Configuring management ports ··························································································································· 31 Configuring the mail server·································································································································· 32 Managing filters ···················································································································································· 33 Managing LDAP servers ······································································································································· 35 Managing log retention time································································································································ 37 Monitoring the disk space ···································································································································· 37 Managing subsystems··········································································································································· 39

Firewall management ················································································································································42

Attack events monitoring ··············································································································································· 42

Snapshot of events ················································································································································ 42 Recent events list···················································································································································· 44 Device monitoring ················································································································································· 45

Event analysis ································································································································································· 45

Event overview······················································································································································· 45 Event details ··························································································································································· 47 Report exporting management····························································································································· 49

Event auditing································································································································································· 51

Inter-zone access log auditing ·····························································································································52 Abnormal traffic log auditing······························································································································· 52 Blacklist log auditing············································································································································· 53 Operation log auditing········································································································································· 53 Other log auditing················································································································································· 54 NAT log auditing··················································································································································· 55 MPLS log auditing ················································································································································· 55

Security policy management········································································································································· 56

Security zones························································································································································ 56 Time ranges···························································································································································· 58 Services ·································································································································································· 60 IP addresses ··························································································································································· 65 Interzone rules························································································································································ 72 Interzone policies ·················································································································································· 76 Interzone policy applications ······························································································································· 80

Firewall device management ········································································································································ 83

Managing firewall devices··································································································································· 83 Viewing device statistics ······································································································································· 85 Managing the device configuration database··································································································· 85 Managing deployment tasks ································································································································ 91

SSL VPN auditing ·······················································································································································93

Comprehensive analysis················································································································································ 93

Online users ··························································································································································· 93 Online users trends················································································································································ 94 Daily user statistics ················································································································································ 94 Device monitoring ················································································································································· 95

SSL VPN log auditing ···················································································································································· 96

User access records auditing ······························································································································· 96 Operation log auditing········································································································································· 96 Resource access auditing ·····································································································································97 Authentication failure auditing····························································································································· 97

Configuration example 1 ··········································································································································99

Network requirements ···················································································································································99 Configuration procedure ··············································································································································· 99

Adding devices to the firewall manager············································································································· 99

Configuration example 2 ······································································································································· 101

Network requirements ·················································································································································101 Configuration procedures ···········································································································································101

Configuring the firewall device··························································································································101 Configuring the Firewall Manager ····················································································································102 Configuring intrusion detection in firewall and sending logs to Firewall Manager·····································103

Verification····································································································································································107

Firewall logs and Firewall Manager analysis ··································································································107

Support and other resources ·································································································································· 111

Contacting HP ······························································································································································ 111

Subscription service ············································································································································111

Related information······················································································································································111

Documents····························································································································································111 Websites·······························································································································································111

Conventions ··································································································································································112

Index ········································································································································································ 114

Overview

Introduction to HP A-IMC Firewall Manager

HP A-IMC Firewall Manager is a powerful system for comprehensive analysis and centralized management of firewall devices. It is an important component of the HP A-Intelligent Management Center (A-IMC).

The Firewall Manager allows you to manage and control all HP firewall devices in your network. It features great scalability, visual realtime event monitoring, comprehensive security event analysis such as attack analysis, and rich reports, enabling you to learn the network security status at any time.

In addition, the Firewall Manager provides the Security Socket Layer (SSL) VPN log auditing function for you to analyze SSL VPN users and monitor firewall devices. SSL VPN is an emerging VPN technology based on HTTPS, and provides a measure of security for remote access to the intranet.

Together with HP firewall devices, the Firewall Manager provides you with visual, all-around, powerful network security protection.

What HP A-IMC Firewall Manager can do

As a powerful, efficient firewall management system, the Firewall Manager supports centralized management and realtime monitoring of firewall devices throughout the network, implements collection and comprehensive analysis of attack event information, enables log auditing, and provides kinds of visual, detailed reports. From the all-around reports, you can see the history security status as well as the security trends of the network easily.

The Firewall Manager presents the following key features:

• Visual realtime monitoring, which can help you detect network attacks in time.

• Perfect comprehensive analysis and rich statistics reports, which can reduce your analysis time.

• Fine log auditing, allowing you to track events.

• Friendly and easy-to-use interface, allowing easy deployment.

Installation and uninstallation

Installing the firewall manager

The software and hardware requirements of the Firewall Manager are as follows:

• Hardware: P4 2.0 CPU or above, 1.5G memory or more, 80G disk or more.

• Operating system: Windows 2003 Server (recommended) or Windows XP, installed with the

up-to-date patches.

• Browser: IE 6.0 or above

To install HP A-IMC Firewall Manager, you only need to run the executable file install.exe, which is under the installation directory, and click Next repeatedly as prompted.

CAUTION:

After finishing installation, you must restart the operating system.

Registering the firewall manager

In the address bar of the browser, enter http://localhost/ to open the login page. The default login username and password are admin and admin1 respectively.

CAUTION:

The last character of the password is digit 1.

When you log in to the Firewall Manager for the first time, you will see the license information page and such a prompt: You haven’t registered. Please register to use the system normally. You can obtain a formal license, and register your license by following this procedure:

1. From the navigation tree, select License Application under License Management to enter the license

application page. The system automatically generates a host ID for license application, as shown in

Figure 1. Perform operations as prompted to obtain a license file.

Figure 1 Generate a host ID

2. From the navigation tree, select License Registration under License Management to enter the

license registration page, as shown in click Apply to complete registration. The suffix of a license file is lic.

Figure 2. Click Browse to select the license file and then

Figure 2 Register your license

After seeing the acknowledgement page, you can use the Firewall Manager to configure devices and perform other operations.

CAUTION:

HP A-IMC Firewall Manager is shipped with a trial license that is effective within one month, which is saved in a license file named A-IMC Firewall Manager Evaluation License.lic. Before you get a formal license, you can use the trial license to register.

Uninstalling the firewall manager

To uninstall HP A-IMC Firewall Manager, follow these steps:

1. On the Windows desktop, click Start and then select All Programs > Firewall Manager > Uninstall

Firewall Manager to enter the uninstall page.

2. Click Uninstall, and then click Next repeatedly as prompted.

3. Restart the operating system.

4. Remove all files and subdirectories under the Firewall Manager installation directory (C:\Program

Files\Firewall Manager, for example) and the installation directory itself, if any.

CAUTION:

During the uninstallation process, no system data backup operation is performed and all data is

removed.

If you need the system data, backup the data before uninstalling the Firewall Manager.

System management

The system management component is mainly used to configure the firewall devices to be managed by the Firewall Manager.

To access the system management component, select the System Management tab. Then, you can perform:

•

Device management

Operator management

•

System configuration

•

• License management

The license management function allows you to apply for, register, and view a license. The license mechanism is used for enterprise identity authentication.

Device management

The device management module allows you to perform the following tasks:

Managing devices

•

Managing batch import

•

Managing device groups

•

Managing events

•

Managing device access templates

•

Managing the device software database

•

Managing deployment tasks

•

Managing devices

Device management

After completing device group and template configuration, you can add devices to be managed. Only after you add devices to the system component successfully, can you add the devices to the firewall component to collect statistics on and analyze attack information. The device management page allows you to add and delete devices. The device list shows the details of all managed devices, and provides the links for you to export configurations and connect to the devices through web or Telnet.

1. Configuration guide

From the navigation tree of the system management component, select Device List under Device Management. The device management page appears, showing the basic information of all devices

added successfully to the Firewall Manager.

Figure 3 Device management page

Table 1 Device management functions

Function Description

Device list

Adding a device Allows you to add devices to be managed.

Deleting devices

Refreshing device information Allows you to obtain the up-to-date device information.

2. Device list

Allows you to view details about devices, export configurations, and connect to the devices through web or Telnet.

Allows you to delete devices from the list of managed devices.

Follow these steps:

1. Select the check boxes before the devices to be deleted.

2. Click Delete.

From the navigation tree of the system management component, select Device List under Device Management. The device management page appears, as shown in

Figure 3. Table 3 describes the fields

of the device list.

Table 2 Device query option

Option Description

Device Group

Select a device group to list all devices in the device group.

Table 3 Fields of the device list

Field Description

Running Status

Device Label

Device Group

Device Model

IP Address

Operation

Status of the device. You can click the link to view the event list of the device. For more information, see “

Name and IP address of the device. You can click the link to view the details of the device and modify the relevant information. For more information, see “

Device group to which the device belongs

Model of the device

IP address of the device

Device information.”

Managing events.”

• Click the icon of a device to open the web console for the device.

• Click the icon of a device to telnet to the device.

Return to Device management functions.

3. Adding a device

From the navigation tree of the system management component, select Device List under Device Management. The device management page appears, as shown in

device, as shown in

Figure 4 and Table 4.

Figure 3. Then, click Add to add a

Figure 4 Add a device

Table 4 Device configuration items

Item Description

Required

Host Name/IP

Device Label

Device Group

Time Calibration

Select access template

Specify access parameters

Type the name or IP address of the device to uniquely identify the device in the system.

Required

Type a label for the device, which can be used as an alias of the device.

The device label can comprise up to 20 characters.

Select a device group for the device. By default, the device group named default is selected.

Required

Select a time mode for the device.

Required. Select either of them.

If you select Select access template, select a template from the following drop-down list. By default, the template named default is selected.

If you select Specify access parameters, specify the access parameters, including Web Username, Web Password, Web Port, Telnet Username, Telnet Password, SNMP Version, Community String for Reading, and

Web Username

Web Password

Web Port

Telnet Username

Telnet Password

SNMP Version

Community String for Writing.

Required

Specify the username for managing the device through web.

The username can comprise up to 20 characters.

Required

Specify the password for managing the device through web.

The strength of the password must meet the password strength requirements of the device.

Optional

Specify the port of the device to be connected with the network.

The port number must be an integer in the range from 0 to 65535.

Optional

Specify the username for telneting to the device.

The username can comprise up to 20 characters.

Optional

Specify the password for telneting to the device.

IMPORTANT:

The strength of the password must meet the password strength requirements of the device.

Required

Select an SNMP version, which can be SNMPv1, SNMPv2, or SNMPv3.

Community String for Reading

Community String for Writing

Authentication Username

Authentication Protocol

Required

Specify the SNMP read community string to be used for communication with the device.

The string can comprise up to 20 characters.

Required

Specify the SNMP write community string to be used for communication with the device.

The string can comprise up to 20 characters.

Required for SNMPv3

Specify the authentication username to be used for communication with the device.

Required for SNMPv3

Specify the authentication protocol to be used for communication with the device.

Required when you select the authentication protocol HMAC-MD5 or

Password

Encryption Protocol

Password

SMAC-SHA.

Specify the authentication password to be used for communication with the device.

Required when you select the authentication protocol HMAC-MD5 or SMAC-SHA.

Specify the encryption protocol to be used for communication with the device.

Required when you select the encryption protocol CBS-DES or AES-128.

Specify the encryption password to be used for communication with the device.

Optional

Configure the cards in the device.

Multi-Card Device

IMPORTANT:

• You can specify the card 1 IP address, card 2 IP address, or both.

• The input IP address must be in the dotted decimal notation, such as

192.168.0.35.

Return to Device management functions.

4. Device information

From the navigation tree of the system management component, select Device List under Device Management. The device management page appears, as shown in

Figure 3. Then, you can click the

device label link of a device to display the details of the device and modify the information of the device, as shown in

Figure 5.

Figure 5 Device information

Device software management

Device software refers to the software that a firewall device runs to provide services. It can be regarded as the operating system of the device.

The device software management function provides you with the software information of the firewall devices and allows you to perform a series of operations to the software of firewall devices, including deploying software to devices and backing up the software of devices. The device software list also displays the device type, the current software version, and the latest available new software version.

1. Configuration Guide

From the navigation tree of the system management component, select Device List under Device Management. The device management page appears, as shown in Software Management tab to bring up the device software management page, as shown in

Table 5 describes the device software management functions and Table 6 describes the fields of the

device software list.

Figure 6 Device software management page

Figure 3. Then, select the Device

Figure 6.

Table 5 Device software management functions

Function Description

Deploying software to devices Allows you to deploy software to devices as required.

Backing up the software of devices

Refreshing device information Allows you to obtain the up-to-date device information.

Allows you to backup the software of selected devices to the device software database.

Table 6 Fields of the device software list

Field Description

Device Label

Device Group

Device Type

Current Version

Latest Version

2. Deploying software to devices

Device name and IP address. You can click the link to view details about the device and modify the configuration.

Device group to which the device belongs

Model of the device

Current software version of the device

Latest software version available for the device. This version information comes from the software database.

This software deployment function allows you to deploy main boo t file to devices. O n the device software management page, click Deploy Device Software to enter the software deployment page, as shown in

Figure 7. Table 7 describes the software deployment configuration items. You can deploy software to

multiple devices at a time. You can specify deployment parameters, such as the deployment sequence, policy, time, and error handling mode. A successfully created software deployment task is listed in the deployment task management module.

How many boot files can be stored on a device depends on the device's disk space. Generally, two files, one main boot file and one backup boot file, are stored on the device.

Figure 7 Deploy software to devices

Table 7 Software deployment configuration items

Item Description

Required

Task Name

Description

Add Device

Deploy Software Version

Deployment Sequence

Type the name of the deployment task. By default, it consists of the word Task, a string indicating the current time, and a space in between.

Required

Type a description for the task.

The description must not contain these characters: ' " < > & % : ; / \

Click this button to add a device to which you want to deploy a software version. You can add multiple devices.

You can click the icon of a device to remove it from the list.

Select a location from the Device Storage Path drop-down list to specify where the software should be saved on the device. Generally, the root directory of the CF card is selected.

Required

Click the link in this column to select the software version to be deployed.

Required

Select a deployment mode to deploy the software to the devices in parallel

(Parallel) or one by one (Serial).

Error Handling

Deployment Policy

When the deployment sequence is serial, the icons adjusting the sequence.

Required when the deployment mode is Serial.

Specify the error handling scheme to be used when a deployment error occurs.

Required

Select the actions to be taken after deploying the software selected in the Deploy Software Version column.

are configurable for

• Set the currently running software as the backup startup

software—Specifies secpath1000fe-cmw520-b5002.bin as the main startup software and the current running software as the backup startup software.

• Delete software that is currently running—Specifies

secpath1000fe-cmw520-b5002.bin as the main startup software and deletes the current running software from the device.

• Delete startup software that is currently backup—Specifies

secpath1000fe-cmw520-b5002.bin as the main startup software, deletes the backup startup software from the device, and leaves the current running software on the device.

• Reboot the device immediately after deploying—Specifies

secpath1000fe-cmw520-b5002.bin as the main startup software, leaves all software files stored on the device, and reboots the device. After the device reboots, secpath1000fe-cmw520-b5002.bin is the current running software of the device.

Deployment Time Specify the execution time of the deployment task.

NOTE:

You must select a software version for the Deploy Software Version field before deploying software to devices.

Return to Device software management functions.

3. Backing up the software of devices

On the device software management page, select devices and then click Backup Device Software to back up the software of the selected devices. The Import from Device page appears with the operation results, as shown in

Figure 8. Table 8 describes the fields of the software backup result list.

Figure 8 Software backup result

If the backup operation fails, the system shows the reasons. The software backup files are stored in the software database.

Table 8 Fields of the software backup result list

Field Description

Device Label

Software Name

Size

Start Time

Status

Result Description of the operation result or failure reason

Return to Device software management functions.

Device config management

The device configuration management function allows you to manage configuration files of devices. A configuration file records the configurations users have made on the device. The configuration file is used by the device to filter traffic passing through.

A configuration file can be a startup configuration file or a running configuration file. The startup configuration file refers to the configuration file that a device keeps and will use at next boot. The running configuration file refers to the configuration currently used by a device, which you can save to the device as a file, and once saved, becomes the startup configuration file.

The device configuration management function supports setting baseline versions for devices, managing the running versions and startup versions of devices, and deploying configuration files to devices.

Device name and IP address

Name of the software backed up

Size of the backup file for the software

Start time of the backup operation

Result of the backup operation

1. Configuration guide

From the navigation tree of the system management component, select Device List under Device Management. The device management page appears, as shown in Config Management tab to enter the device configuration management page, as shown in

Figure 3. Then, select the Device

Figure 9. Table 9 describes the device configuration management functions and Table 10 describes the fields of

the device configuration management list.

Figure 9 Device configuration management page

Table 9 Device configuration management functions

Function Description

Allows you to back up the running configuration file and/or the

Backing up configuration files

startup configuration file of a device. Backup files are identified by labels and version numbers.

Restoring a configuration file

Allows you to restore the startup and/or backup configuration file of

a device to another version.

Synchronizing configurations

Restarting devices Allows you to restart devices.

Allows you to deploy new configuration settings to devices to make them take effect.

Table 10 Fields of the device configuration management list

Field Description

Device Label

Device Group Device group to which the device belongs

Last Backup Time Time of the last configuration file backup operation

Last Operate Time Time of the last configuration file operation

2. Backing up configuration files

Device name and IP address. You can click the link to view details about the device and modify the configuration.

Check whether the current configuration of the device is consistent with that last backed up.

From the navigation tree of the system management component, select Device List under Device Management. The device management page appears, as shown in

Figure 3. Then, select the Device

Config Management tab to enter the device configuration management page. Select a device by selecting the check box and click Backup to bring up the backup configuration page, as shown in

Figure

10. A backup file is uniquely identified by a version number that is assigned by the system. After a file is

backed up, click the

icon in the Management column of a device to view the detailed information of

the backup configuration files.

Figure 10 Backup configuration files

Return to Device configuration management functions.

3. Restoring a configuration file

Select a device and click Restore to bring up the restoration configuration page, as shown in

Figure 3. Then, select the Device

Figure 9.

Figure 11.

Select a startup configuration file and/or running configuration file by their labels and click Apply to specify the files as the startup and/or running configuration files for the device.

Figure 11 Restore configuration files

Return to Device configuration management functions.

4. Device configuration information management

On the device configuration management list, you can click the icon in the Management column of a device to bring up the configuration information management page of the device, as shown in

Figure 12. Table 11 describes the tabs on the device configuration information management page and the functions

provided on the tabs.

Figure 12 Device configuration information management interface

Table 11 Tabs on the device configuration information management page and functions provided

Tab Description

Label A label represents a configuration file of a device. .

Running Config Allows you to perform operations on running configuration files of different versions.

Allows you to view, back up, and delete the current startup configuration file of a

Startup Config

Draft Allows you to manage drafts for a device.

5. Label

device.

The functions are the similar to those for management of running configuration files.

A label is used to indicate the backup running and/or startup configuration files of a device.

On the device configuration management list, you can click the icon in the Management column of a device to bring up the configuration information management interface of the device, as shown in

Figure

12.

The Label tab allows you to:

• Add and delete labels.

• View the information of the backup configuration file, such as version number and backup time. A

backup file is uniquely identified by a version number assigned by the system.

• Compare two configuration files to find the differences.

• Click the restoration icon to set the startup configuration file and/or running configuration file of a

label as the startup configuration file and/or running configuration file for the device.

Table 12 Fields of the configuration label list

Field Description

Label Label of a startup configuration file and/or running configuration file.

Running Config Version number of the running configuration file associated with the label.

Backup Time Time when the running configuration file is backed up.

Allows you to compare two configuration files including the drafts to find the differences.

Follow these steps:

3. Click the

Compare

Startup Config Version number of the startup configuration file associated with the label.

file on the left side of the comparison page.

4. Click the

the right side of the comparison page, as shown in Figure 13.

IMPORTANT:

The running configuration file does not support the xml format.

icon of a file and select Compare as Left from the men u to plac e the

icon of another file and select Compare To to place the file on

Backup Time Time when the startup configuration file is backed up.

Restore

Allows you to set the configuration file(s) identified by the label as the startup configuration file and/or running configuration file for the device.

Figure 13 Compare two configuration files

CAUTION:

The label Currently indicates the configuration file is currently used by the device and the label Baseline indicates the baseline version. Configuration files with any of these labels cannot be deleted.

Return to Tabs on the device configuration information management page and functions provided.

6. Running Config

On the device configuration management list, you can click the icon in the Management column of a device to bring up the configuration information management interface of the device, as shown in

Figure

12. Then, click the Running Config tab to enter the running configuration file management page, as

shown in

Figure 14.

The Running Config tab allows you to:

• View, back up, restore and delete a running configuration file.

• Specify the running configuration as the baseline or save it as a draft.

• Compare two configuration files to find the differences.

Figure 14 Running configuration file list

Table 13 Fields of the running configuration list

Field Description

Version

Backup Time Time when the running configuration file is backed up.

Label Label for this version.

Compare

Set Baseline Allows you to set the running configuration file as the baseline.

Label Management Allows you to re-label the running configuration file.

Save as Draft

Restore

Uniquely identifies the running configuration file. The version number is assigned automatically by the system for each backup file.

Allows you to compare two configuration files including the drafts to find the differences.

Allows you to save the running configuration file as a draft, and then edit the content of the draft.

Allows you to set the configuration file identified by the version as the running configuration file for the device.

Return to Tabs on the device configuration information management page and functions provided.

7. Draft

You can save a configuration file as a draft, or create a new draft.

On the device configuration management list, you can click the icon in the Management column of a device to bring up the configuration information management interface of the device, as shown in

12. Then, click the Draft tab to enter the draft management page, as shown in

Figure 15. You can

Figure

customize a configuration file and apply it to the device.

The Draft tab allows you to:

• Edit a configuration file and save it as a draft.

• Add and delete drafts.

• Click the restoration icon to replace the contents of the draft with the current startup or running

configuration file.

• Compare a draft with itself, another draft, or any configuration file to find the differences.

Figure 15 Draft list

Table 14 Fields of the draft list

Field Description

Name Name of the draft.

Description Remarks on the draft.

Creation Time Time when the draft is created.

Last Modify Time Last time when the draft is modified.

Compare Allows you to compare the draft with a configuration file to find the differences.

Allows you to set the draft as the configuration file for the device.

Restore

IMPORTANT:

Do not set a draft as the startup configuration file.

Return to Tabs on the device configuration information management page and functions provided.

Managing batch import

The batch import function allows you to add devices to the A-IMC Firewall Manager in batches by using a batch import file.

Configuration guide

From the navigation tree of the system management component, select Batch Import under Device Management. The batch import page appears, as shown in

import file, and then click Apply.

Figure 16. Click Browse to select the batch

Figure 16 Batch import of devices

Managing device groups

The device group management function allows you to add, modify, and delete device groups. When you add devices later, you can group devices into device groups so that you can manage and collect statistics on users, devices, and IP addresses by device group.

Configuration guide

From the navigation tree of the system management component, select Device Group List under Device Management. The device group management page appears, as shown in

the device group management functions.

Figure 17 Device group management page

Figure 17. Table 15 describes

Table 15 Device group management functions

Function Description

Device group list

Adding a device group

Device group list

From the navigation tree of the system management component, select Device Group List under Device Management. The device group management page appears, as shown in

groups are displayed on the page.

Table 16 Fields of the device group list

Field Description

Device Group Name

Description

Operation

Return to Device group management functions.

Adding a device group

Allows you to view details about device groups and modify and delete device groups.

Allows you to add a device group and configure the device group name and description.

Figure 17. Details of all device

Name of the device group

Description of the device group

• Click the icon of a device group to modify the device group.

• Click the icon of a device group to delete the device group.

From the navigation tree of the system management component, select Device Group List under Device Management to enter the device group management page. Then, click Add to add a device group as

shown in

Figure 18 and Table 17.

Figure 18 Add a device group

Table 17 Device group configuration items

Item Description

Required

Device Group Name

Type a name for the device group.

The device group name can comprise up to 40 characters and must not contain these characters: ” < > ’ & % : ; / \

Description

Return to Device group management functions.

Managing events

Configuration guide

The event management function records the operations on managed devices and logs the events, allowing you to track the status of devices.

From the navigation tree of the system management component, select Events under Device Management. The device event list page appears by default, as shown in

Table 18 describes the device management functions.

Figure 19 Device event list page

Optional

Type a description for the device group.

The description can comprise up to 40 characters.

Figure 19.

Table 18 Event management functions

Function Description

Device event list Allows you to view details about device events.

Device interface event list Allows you to view details about device interface events.

Device event list

Table 19 describes the device event query options. You can use any combination of the options to query

for the device events of interest.

Table 19 Device event query options

Option Description

Time

Device IP

Severity

Select the time period during which the device events occurred.

By default, the value of this option is --, which means any time.

Type the IP address of the device, in dotted decimal notation.

Select the severity level of the device events.

Severity levels in descending order are critical, major, minor, and warning. By default, the value of this option is --, which means all levels.

Table 20 describes the fields of the device event list. You can select the check boxes before events and

then click Delete to delete the events.

Table 20 Fields of the device event list

Field Description

Severity

Source

Description

Time

Device interface event list

Select the Device Interface Event List tab to enter the device interface event list page, as shown in Figure

20.

Figure 20 Device interface event list

Severity level of the device event

Label and IP address of the device that is the source of the device event

Description of the device event

Time when the device event occurred

Table 21 describes the event query options. You can use any combination of the options to query for the

events of interest.

Table 21 Device interface event query options

Option Description

Start Time

End Time

Select the time period during which the device interface events occurred.

Table 22 describes the fields of the device interface event list. You can select the check boxes before

events and then click Delete to delete the events.

Table 22 Fields of the device interface event list

Field Description

Time

Device IP IP address of the device in the device interface event

Interface Interface in the device interface event

Status Status of the device interface event

Time when the device interface event occurred

Managing device access templates

The device access template management function allows you to configure information such as the device login password.

Configuration guide

From the navigation tree of the system management component, select Access Template List under Device Management. The access template management page appears, as shown in

describes the template management functions.

Figure 21 Access template management page

Table 23 Template management functions

Function Description

Figure 21. Table 23

Template list

Adding a template Allows you to add templates.

Template list

From the navigation tree of the system management component, select Access Template List under Device Management. The access template management page appears, as shown in

access templates are displayed on the page.

Table 24 Fields of the template list

Field Description

Template

Version No.

Web Username

Web Port

Web Password

Telnet Username

Telnet Password

Allows you to view details about access templates and modify and delete templates.

Figure 21. Details of all

Name of the template

Version of the template

Username for managing the device through web

Port of the device providing web access service

Password for managing the device through web, displayed as a string of asterisks (*)

Username for telneting to the device

Password for telneting to the device, displayed as a string of asterisks (*)

Operation

• Click the icon of a template to modify the template.

• Click the icon of a template to delete the template.

Return to Template management functions.

Adding a template

From the navigation tree of the system management component, select Access Template List under Device Management to enter the access template management page. Then, click Add to add a template as

shown in

Figure 22 Add a template

Figure 22 and Table 25.

Table 25 Template configuration items

Item Description

Template Name

Web Username

Web Password

Web Port

Telnet Username

Required

Type a name for the template, a string of 1 to 20 characters.

Required

Specify the username for managing the device through web.

The username can comprise up to 20 characters.

Required

Specify the password for managing the device through web.

IMPORTANT:

The strength of the password must meet the password strength requirements of the device.

Required

Specify the port of the device providing web access service.

Port 80 is the default.

Optional

Specify the username for telneting to the device.

The username can comprise up to 20 characters.

Telnet Password

Optional

Specify the password for telneting to the device.

IMPORTANT:

The strength of the password must meet the password strength requirements of the device.

SNMP Version

Community String for Reading

Community String for Writing

Authentication Username

Authentication Protocol

Password

Required

Select an SNMP version, which can be SNMPv1, SNMPv2, or SNMPv3.

Required

Specify the SNMP read community string to be used for communication with the device. It can be a string of up to 20 characters.

Required

Specify the SNMP write community string to be used for communication with the device. It can be a string of up to 20 characters.

Required for SNMPv3

Specify the authentication username to be used for communication with the device.

Required for SNMPv3

Specify the authentication protocol to be used for communication with the device.

Required when you select the authentication protocol HMAC-MD5 or SMAC-SHA.

Specify the authentication password to be used for communication with the device.

Required when you select the authentication protocol HMAC-MD5 or

Encryption Protocol

Password

SMAC-SHA.

Specify the encryption protocol to be used for communication with the device.

Required when you select the encryption protocol CBS-DES or AES-128.

Specify the encryption password to be used for communication with the device.

Return to Template management functions.

Managing the device software database

The device software database is used to save all device software. It allows you to import device software to the database from files or devices, and deploy software to devices.

Configuration guide

From the navigation tree of the system management component, select Device Software Database under Device Management to enter the device software database page, as shown in

describes the device software database functions, option, and

Table 28 describes the fields of the device software database list.

Table 27 describe the device software database query

Figure 23. Table 26

Figure 23 Device software database page

Table 26 Device software database functions

Function Description

Importing device software Allows you to import device software from a file or from a device.

Allows you to remove software that is no longer in use.

Deleting device software

Deploying software to device Allows you to deploy software to devices.

Follow these steps:

1. Select the check box before software names.

2. Click Delete.

Table 27 Device software database query option

Option Description

Software Name Specify the name of the software.

Table 28 Fields of the device software database list

Field Description

Software Name Name of the software file

Declaration Remarks on the software

Import Time Time when the software is imported

Size Size of the software file

Check

Rename Allows you to rename the software file.

Export Allows you to export the software to a local place

Deployment Allows you to deploy the software to devices.

Importing device software

Allows you to check whether the exported software is consistent with the device software.

From the navigation tree of the system management component, select Device Software Database under

Device Management to enter the device software database page, as shown in Import to bring up the device software import page, as shown in

Figure 24. You can import device

Figure 23. Then, click

software from a file or from devices:

• To import device software from a file, specify the source and destination files.

• To import device software from devices, specify the devices.

Figure 24 Device software import page

Managing deployment tasks

This function allows you to view all deployment task information.

Configuration guide

From the navigation tree of the system management component, select Deploy Task under Device Management to enter the deployment task list page, as shown in

Figure 25 Deployment task list

Figure 25.

On the deployment task list, you can:

• Execute deployment tasks immediately.

• Cancel deployment tasks.

• Delete deployment tasks.

• Refresh the deployment task information.

Table 29 describes the deployment task query option and Table 30 describes the fields of the

deployment task list.

Table 29 Deployment task query option

Option Description

Task Status Select a state to list all deployment tasks in the state.

Table 30 Fields of the deployment task list

Field Description

Execution Status Current status of the deployment task

Task Name Name of the deployment task

Task Type Type of the deployment task

+ 89 hidden pages

HP Firewall User Manual

Contents

Overview

Introduction to HP A-IMC Firewall Manager

What HP A-IMC Firewall Manager can do

Installation and uninstallation

Installing the firewall manager

Registering the firewall manager

Uninstalling the firewall manager

System management

Device management

Device management

Managing devices

Device software management

Device config management

Managing batch import

Configuration guide

Managing device groups

Configuration guide

Device group list

Adding a device group

Managing events

Configuration guide

Device event list

Device interface event list

Managing device access templates

Configuration guide

Template list

Adding a template

Managing the device software database

Configuration guide

Importing device software

Managing deployment tasks

Configuration guide